The Global Cyber Resilience Report 2024 by Cohesity provides key insights into the state of cyber resilience among organizations worldwide. Based on a survey of more than 3,100 IT and security decision makers in eight countries, including the United States, United Kingdom, and Germany, the report reveals significant gaps between organizations' perceptions of their ability to respond to cyber threats and their actual capabilities.
One of the key findings is the growing threat of ransomware. In 2024, 67% of organizations said they had experienced a ransomware attack, and while many companies have policies against paying ransoms, 69% of those affected admitted to doing so. Worryingly, 22% of these organizations paid more than $3 million to recover their data and resume business operations, demonstrating the enormous financial pressure these attacks place on organizations.
Another critical issue raised in the report is the length of time it takes to recover from cyber attacks. Only 2% of organizations reported being able to recover data and resume operations within 24 hours of an attack. In fact, 16% said it would take more than three weeks to recover, highlighting the urgent need for better preparedness and faster recovery solutions.
The report also points to a disconnect between confidence and reality when it comes to cyber resilience. While 78% of respondents expressed confidence in their organization's resilience strategy, slow recovery times and reliance on ransom payments suggest a significant gap between strategic intent and actual capabilities.
To make matters worse, many organizations are still lagging behind when it comes to implementing basic security measures. Nearly half of the organizations surveyed (48%) have not implemented multi-factor authentication (MFA), leaving their critical systems vulnerable to potential attacks from external and internal threats.
Across Europe, the report found that organizations face similar challenges. With Germany and France leading the way with approximately 400 organizations surveyed each, it is clear that European organizations are not immune to the growing cyber threat landscape. They are also facing alarmingly high rates of ransomware, with a significant number choosing to pay despite strict non-payment policies.
The data also shows that European organizations, like their global counterparts, often overestimate their ability to recover quickly from cyber attacks. Many also lack critical cybersecurity measures such as MFA, which remains a glaring gap in their Zero Trust security approach and leaves sensitive data vulnerable.
The vast majority of respondents (96%) expect the cyber threat landscape to become even more dangerous in the coming years. This suggests that organizations urgently need to refine their cyber resilience strategies, improve their data recovery capabilities and take more proactive steps to ensure business continuity in the face of increasing cyber threats.
In summary, the report highlights the importance of overcoming an over-reliance on resilience strategies and taking concrete steps to improve recovery times, reduce reliance on ransom payments, and implement more robust security measures. Organizations must address these vulnerabilities to survive the increasingly hostile cyber environment of 2024.
You can find the full report here: Global cyber resilience report 2024 by Cohesity